File permission vulnerabilities and Module::Pluggable
Simon Wilcox
essuu at ourshack.com
Wed Jan 21 08:58:06 GMT 2009
Simon Wistow wrote:
> So I've been thinking about adding that support however I'm slightly
> conflicted at the moment about how it should work which is down to two
> things -
I'd go for a major new version with the non-core bundled in and I can
think of two ways to handle the transition:
1. On by default with an option to turn it off. Plenty of warnings all
over the documentation. As this is a security related issue, most people
would be OK with that I think. Anyone who blindly upgrades modules
without testing their app gets what they deserve :-)
2. Alternatively on but non-fatal in the first release and have it spew
warnings every time it loads a file that's unsafe. Give the users an
option to make it fatal from the start and make that the recommended
approach.
Plan to flip it to fatal by default at some defined point later on, say
3 months, to make sure that everyone gets the security benefits.
Personally I'd go with option 1. This is security after all!
S.
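The two options discussed above both hinge on the same mechanism: a permission check run on each candidate plugin file before it is loaded, with a policy that is either off, warn-only, or fatal. The following is an added illustration of that mechanism, not code from Module::Pluggable or from anyone on this thread. What counts as "unsafe" here (a world- or group-writable file or parent directory, or a file owned by neither the current effective user nor root), the policy names `off`/`warn`/`fatal`, and the function names `unsafe_reasons` and `check_plugin_file` are all assumptions made for the example.

```perl
#!/usr/bin/env perl
# Added example: a permission check a plugin loader could run before
# require()-ing a candidate file. Not Module::Pluggable's code; the
# definition of "unsafe", the policy names and the function names are
# assumptions made for this illustration. POSIX permission bits only.
use strict;
use warnings;
use Fcntl qw(:mode);
use File::Basename qw(dirname);
use File::Temp qw(tempdir);
use Carp qw(croak carp);

# Return a list of reasons $path is unsafe to load; empty list if it looks fine.
# Both the file and its directory are inspected: a writable directory lets an
# attacker replace the file even when the file itself is protected.
sub unsafe_reasons {
    my ($path) = @_;
    my @reasons;
    for my $p ($path, dirname($path)) {
        my @st = stat($p) or return ("cannot stat $p: $!");
        my ($mode, $uid) = @st[2, 4];
        my $what = $p eq $path ? 'file' : 'directory';
        push @reasons, "$what $p is world-writable" if $mode & S_IWOTH;
        push @reasons, "$what $p is group-writable" if $mode & S_IWGRP;
        push @reasons, "$what $p is owned by uid $uid, not uid $> or root"
            if $uid != $> && $uid != 0;
    }
    return @reasons;
}

# Policy (assumed names): 'off' loads anything, 'warn' loads but complains
# (the "non-fatal first release" option), 'fatal' refuses (the recommended
# default). Returns true if the caller may go ahead and load the file.
sub check_plugin_file {
    my ($path, $policy) = @_;
    $policy //= 'fatal';
    return 1 if $policy eq 'off';
    my @bad = unsafe_reasons($path);
    return 1 unless @bad;
    my $detail = join '; ', @bad;
    croak "refusing to load plugin $path: $detail" if $policy eq 'fatal';
    carp "loading plugin $path despite unsafe permissions: $detail";
    return 1;
}

# Constructed demo: a throwaway plugin file made world-writable, then fixed.
my $dir  = tempdir(CLEANUP => 1);            # File::Temp creates this mode 0700
my $file = "$dir/Example.pm";
open my $fh, '>', $file or die "open $file: $!";
print $fh "package Example; 1;\n";
close $fh;

chmod 0666, $file;                           # deliberately unsafe sample
for my $policy (qw(off warn fatal)) {
    my $ok = eval { check_plugin_file($file, $policy) };
    printf "%-5s => %s\n", $policy, $ok ? 'would load' : "refused: $@";
}

chmod 0644, $file;                           # corrected permissions
my $ok = eval { check_plugin_file($file, 'fatal') };
printf "fatal => %s (after chmod 0644)\n", $ok ? 'would load' : "refused: $@";
```

Running this as an unprivileged user prints "would load" for `off` and `warn` (the latter with a warning on stderr), "refused" for `fatal` while the file is mode 0666, and "would load" once the file is back to 0644. The directory check is what makes the warn-everything transition noisy in practice: plugin directories shared by a group are common, so a project adopting this should decide whether group-writability counts as unsafe before making the check fatal by default.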
More information about the london.pm mailing list